There is no direct method offered by servlet API to delete a cookie on server side. This is how you can go about doing it.
1) Loop through the cookies in the request object to locate the one that you want to delete.
1 2 3 4 5 | for (Cookie cookie: request.getCookies()) {
if (USER_COOKIE_NAME.equals(cookie.getName())) {
return cookie;
}
} |
2) Set the maxAge property of the cookie to 0. This results in cookie expiring with immediate effect as soon as the client receives the response.
3) Optionally, set the value property to empty string. This is not really required since the cookie is about to be expired. However, this adds a sense of a clean and complete erasure if the cookie being deleted carries some critical, secure data.
4) Add this cookie to response. The cookie will be gone once the response is sent back to client!
1 2 3 4 | view plaincopy to clipboardprint
cookie.setMaxAge(0);
cookie.setValue("");
response.addCookie(cookie); |
This article is originally posted in Ganesh’s blog.
September 25, 2008
Servlets